Sunday , December 22 2024

Recent Posts

Daily Cybersecurity Update, June 13- 2023

We have three more victims of the MOVEit vulnerability – government departments in two U.S. states and a U.K regulator. All leading to the compromise of sensitive data. Earlier this year, healthcare vendor Intellihartx had fallen victim to the GoAnywhere zero-day attack. It concluded the investigation, revealing hundreds of thousands …

Read More »

Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks

Fortinet on Monday warned customers that a recently patched vulnerability, tracked as CVE-2023-27997, could be a zero-day flaw that has been exploited in limited attacks. The vulnerability, which is a critical heap-based buffer overflow in the SSL-VPN module, can allow a remote hacker to execute arbitrary code or commands using …

Read More »

Microsoft Warns of AitM Phishing Attacks Against Financial Organizations

A newly discovered multi-stage Adversary-in-the-Middle (AitM) phishing and BEC attack campaign has been targeting banking and financial organizations. According to Microsoft, the attack originated from a compromised trusted vendor and transitioned to a series of AitM and BEC attacks. During this period, the attackers abused the trusted relationship between vendors, …

Read More »